:: It's because of things you get timeouts and other such funnies caused :: by this horrible often poorly written state-machine in the middle :: trying to second guess the state of the two ends. TCP in particular :: was designed with a reasonable degree of care to ensure that you can :: mathematically validate various principals. To do so, there is logic :: which allows one state-machine to resynchronize if the other :: other one :: gets hosed, and for both state-machines to stay synchronized under a :: wide range of conditions. :: :: NAT completely stuffs this up. The most obvious example of this is :: TCP sessions die when they either time out or the NAT device looses :: state (e.g. nasty Nokia DSL modem crashes because it doesn't like :: packets with various '1323 extensions under load). The Cisco 827 doesn't suffer from NAT timeouts like the Nokia MW1122. -- Juha --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog